{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-06-01T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-11-24T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "49772", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/49772"}, {"name": "20110601 cherokee server admin vulnerable to csrf", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2011/Jun/0"}, {"name": "[oss-security] 20110606 Re: Security issue in cherokee", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/06/06/22"}, {"name": "FEDORA-2011-12698", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066222.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://launchpad.net/bugs/784632"}, {"name": "[oss-security] 20110602 CVE Request -- Cherokee -- server admin vulnerable to csrf", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/06/02/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cherokee-project.com/download/LATEST_is_1.2.99/cherokee-1.2.99.tar.gz"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=713304"}, {"name": "[oss-security] 20110603 Security issue in cherokee", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/06/03/6"}, {"name": "72693", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/72693"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:53:17.430Z"}, "title": "CVE Program Container", "references": [{"name": "49772", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/49772"}, {"name": "20110601 cherokee server admin vulnerable to csrf", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2011/Jun/0"}, {"name": "[oss-security] 20110606 Re: Security issue in cherokee", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/06/06/22"}, {"name": "FEDORA-2011-12698", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066222.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://launchpad.net/bugs/784632"}, {"name": "[oss-security] 20110602 CVE Request -- Cherokee -- server admin vulnerable to csrf", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/06/02/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cherokee-project.com/download/LATEST_is_1.2.99/cherokee-1.2.99.tar.gz"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=713304"}, {"name": "[oss-security] 20110603 Security issue in cherokee", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/06/03/6"}, {"name": "72693", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/72693"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2191", "datePublished": "2011-10-07T01:00:00", "dateReserved": "2011-05-31T00:00:00", "dateUpdated": "2024-08-06T22:53:17.430Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cherokee-project:cherokee:*:*:*:*:*:*:*:*", "matchCriteriaId": "674AD99A-45B9-426B-A0B4-D463D859E8BD", "versionEndIncluding": "1.2.98", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D72FF6B3-59AC-429A-9306-120BEF41BA21", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7879BF5D-D188-45EC-8CF1-75F72FDD317F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "44992C96-B552-4A2B-A404-E3E595F54954", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "71040563-9485-4665-AC02-F82734F0876F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "5314F514-FF97-46CC-B3D4-6925933CAE98", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "A060E8F5-CE34-4CD9-86BC-06C589D3B109", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "B420FEA6-8F72-4A37-816D-0D26667BFF94", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "A09D8EC8-5D8F-425B-8763-82BC2A53DA26", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "249E666A-5639-450D-B570-65B5E7A64F3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "B2ED38E6-EFB2-40A4-9796-B3A6AEB967DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "BEEC5875-BC5D-4F4E-895E-C4BF82CEB16F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "F8A63467-2332-47FE-A9BE-7C6471AB31E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "24A159C8-AED3-4F78-83F0-7295A43BD6CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "1B22C65A-4F18-43DB-9306-F6E4004D0824", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "610B2E1F-3ABF-460F-86DC-7F1F27FB06A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "76F4808F-77EE-4242-BE4F-0ECC2725885B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "8CB06B8B-EE81-4C03-BBA8-DE672FB7B4FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "697BF6E4-FFDE-45B0-9BEC-F8C37E794CF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "24EE0CC7-F388-4A28-8AC1-0D2C78936FDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "0B3F4AC4-C123-430F-9B4E-3FF14CBB574F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "B00661A6-62FB-4D41-9931-C5914A5D4704", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "D97CFCBC-6257-4B00-BF5B-41525F9CC0CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "48BD342E-8372-45A0-8001-88C6949396D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "C0F3D30A-188A-4DD6-A27D-177C337BBF1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "499882B7-8826-426A-A909-2972DB411950", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "34D8CA76-0FB7-4558-9A80-853592B5BB3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.25:*:*:*:*:*:*:*", "matchCriteriaId": "E9C981CA-6CEA-4EDB-A47A-BC2F4CF5A90D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.26:*:*:*:*:*:*:*", "matchCriteriaId": "328299F2-4AFE-433D-839B-49FB76DC1693", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.27:*:*:*:*:*:*:*", "matchCriteriaId": "402A610A-E09C-4AD7-AD88-4840D273B43D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.28:*:*:*:*:*:*:*", "matchCriteriaId": "628AF17F-5134-4EC8-97BB-04380DB9B5D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.29:*:*:*:*:*:*:*", "matchCriteriaId": "09945325-5812-4827-8DF8-0AC59E5BF3C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.4.30:*:*:*:*:*:*:*", "matchCriteriaId": "7ED47B2D-AA94-4902-A0A5-D4571F45DA98", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "850FC8D1-A60B-4199-BD9A-E480C3DFCADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "F1299BA2-1590-46D8-AE07-304EA6F56181", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "0FC506D1-79F9-4215-A806-24225C3D6462", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "250A06CF-15A8-4602-BE8D-874C8D088396", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "BAE75B64-93A9-4472-96DD-6CB1E6B029D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "DF3ED1D9-9FC0-424F-B610-2E2617205FA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "710E366E-38B1-4A8A-A57F-B5589E117D03", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7AE88E20-78C4-4315-81D4-ACD8616DFE1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "56BB3013-7508-42D1-8086-CEBE776747AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "411D69C9-2910-4458-BFA9-47319F58C01C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "37DF02A1-88B7-48D8-BFEE-1FD48C329278", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "BF08EF9D-57F6-4194-B853-CE3AB9FD0016", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "DF7B3905-185B-4AFD-85C7-CED8EDD94F02", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "0F70D80C-EEB1-4194-855C-D3715C99F2D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "3BF9F848-7CEE-4A33-8C35-86D13C9C41C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "722246E6-F6B1-4003-B496-9FA2DDCBFEBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "ABD47FBC-CCAF-43BB-8884-D4D15BFD89B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A065352A-B0FE-4EBF-BF90-7242F5980D5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "0B9F81E1-C73C-4362-914F-D74B030C9674", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "9172B4E8-F280-4EF7-B262-9B9DA8A83B4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "C32AF0C7-79BC-4670-ABD1-8B5B5BFC1C23", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "A2FD0D6D-F123-4E52-B5B3-167D34995A6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBFE8EFF-0A29-4B29-B49D-E5DD0ED99E8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "056A2B22-D824-45F6-92AD-500DB4C1E951", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "C0CF78CF-5447-478F-A346-676927752D38", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "61BD126D-4CB5-40E5-A182-E74B1023E120", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "6BA588C6-7165-4D6D-81FF-9DE4794B5C68", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "6155B076-59E2-449D-B8BE-8F3E942ADCAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.98.0:*:*:*:*:*:*:*", "matchCriteriaId": "86B1A879-C715-4DC9-B3ED-06613DF0227F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.98.1:*:*:*:*:*:*:*", "matchCriteriaId": "70E5943A-AE08-4DB8-90E0-6751AC95C44D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBEDEBA0-3D84-4EB3-8EF8-52B8CE4B353C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.1:*:*:*:*:*:*:*", "matchCriteriaId": "24A760D4-892E-4356-B49E-2D2A4ECC9CD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.2:*:*:*:*:*:*:*", "matchCriteriaId": "629A42DC-8E7E-4FCC-9588-1DE41800FAE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.3:*:*:*:*:*:*:*", "matchCriteriaId": "4F5318A9-8B3D-4811-988E-B48E115AB1C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.4:*:*:*:*:*:*:*", "matchCriteriaId": "C5064310-FCD7-4660-8B5E-11F35CFE5CE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.5:*:*:*:*:*:*:*", "matchCriteriaId": "A12BDFA8-B467-41F1-8617-E1D0D8090573", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.6:*:*:*:*:*:*:*", "matchCriteriaId": "F29E5056-AFF7-4DF4-BAEB-4D13208D309A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.07:*:*:*:*:*:*:*", "matchCriteriaId": "00F47B90-E0D1-47B9-9A0E-6BADE004D7B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.8:*:*:*:*:*:*:*", "matchCriteriaId": "B3775E60-3D6B-4BB9-8A67-D21C43968334", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.9:*:*:*:*:*:*:*", "matchCriteriaId": "00144A08-D450-42A3-B570-2A6872201E85", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.10:*:*:*:*:*:*:*", "matchCriteriaId": "1A5CCA66-61B9-4BE2-B511-C9DD7DE974E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.11:*:*:*:*:*:*:*", "matchCriteriaId": "BF8F8C75-217A-42FC-8487-2ED181D9D9B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.12:*:*:*:*:*:*:*", "matchCriteriaId": "649460A3-9436-4192-9A62-94D5AA54E980", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.13:*:*:*:*:*:*:*", "matchCriteriaId": "803BF030-8E46-4796-8A29-05A8FD324624", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.14:*:*:*:*:*:*:*", "matchCriteriaId": "C0609A94-3233-4918-9FE3-864734EA64E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.15:*:*:*:*:*:*:*", "matchCriteriaId": "3339CD55-B0AA-4F3E-9B48-11DDA9CD2104", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.16:*:*:*:*:*:*:*", "matchCriteriaId": "A4157BEE-F6A1-4938-89FB-7509995E009B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.17:*:*:*:*:*:*:*", "matchCriteriaId": "95079C95-F5C2-443A-BC78-9A9AFC5BC5F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.18:*:*:*:*:*:*:*", "matchCriteriaId": "DD3AE4D7-7B49-4315-B6D9-41ECAADC82E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.19:*:*:*:*:*:*:*", "matchCriteriaId": "9856BF25-D63A-4D00-BDD4-96FB5293E2E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.20:*:*:*:*:*:*:*", "matchCriteriaId": "7EB87F3D-CCEA-451E-B2CF-D414ECC53438", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.21:*:*:*:*:*:*:*", "matchCriteriaId": "10757868-1831-4802-A3A0-C343BE492389", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.22:*:*:*:*:*:*:*", "matchCriteriaId": "B0C6219F-BA29-4EE3-B7F4-524E413C7885", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.23:*:*:*:*:*:*:*", "matchCriteriaId": "D6032E26-D07D-410E-8E74-004D745C3F85", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.24:*:*:*:*:*:*:*", "matchCriteriaId": "B3E6C74A-94FB-4944-AED4-5B31679262B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.25:*:*:*:*:*:*:*", "matchCriteriaId": "32D44F80-75AD-4015-BA02-82B8461BEC9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.26:*:*:*:*:*:*:*", "matchCriteriaId": "6AD2950E-26EF-45CE-9A80-8636FE44FD55", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.27:*:*:*:*:*:*:*", "matchCriteriaId": "6E5843A4-618F-4D7D-9931-16DAC314C9C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.28:*:*:*:*:*:*:*", "matchCriteriaId": "53E1A557-2E7F-4CA1-81E3-1C0AD040D6AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.29:*:*:*:*:*:*:*", "matchCriteriaId": "0DF0CD1F-95B0-4CAE-95AA-14439638CF34", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.30:*:*:*:*:*:*:*", "matchCriteriaId": "C4FDDF23-7FD7-40E7-B817-3CC99C48FECD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.31:*:*:*:*:*:*:*", "matchCriteriaId": "33C56893-10BD-45FC-86CB-4AC32E11C2A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.32:*:*:*:*:*:*:*", "matchCriteriaId": "59E6C3E2-6BE2-4CEA-A1B4-651175AA3F28", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.33:*:*:*:*:*:*:*", "matchCriteriaId": "23CA8768-C639-4292-8689-6EFE43549F09", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.34:*:*:*:*:*:*:*", "matchCriteriaId": "361E5685-6676-4235-B41E-240882D8D2C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.35:*:*:*:*:*:*:*", "matchCriteriaId": "CF64C8BD-4C3F-4D27-B6C9-BA8B6275C813", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.36:*:*:*:*:*:*:*", "matchCriteriaId": "6CF76DCB-91B3-4890-9A79-63A1B053DB1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.37:*:*:*:*:*:*:*", "matchCriteriaId": "7668F112-44BA-473E-8C8F-116B11ECE0D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.38:*:*:*:*:*:*:*", "matchCriteriaId": "5FD3F7AD-A298-4C56-8BE7-A9BCBECFFE84", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.39:*:*:*:*:*:*:*", "matchCriteriaId": "9DDA36FB-2338-49FC-890C-0D7E230E60A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.40:*:*:*:*:*:*:*", "matchCriteriaId": "B403DB68-3FAB-4802-8CE0-62C4160F0014", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.41:*:*:*:*:*:*:*", "matchCriteriaId": "49092B57-A1CC-4B2C-9C76-2DCD1AA0398D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.42:*:*:*:*:*:*:*", "matchCriteriaId": "251B03EF-6B65-4E2A-9E95-E7423F1B98FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.43:*:*:*:*:*:*:*", "matchCriteriaId": "E35F1FC0-C03D-4D6E-963E-6269B1FAF2E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.44:*:*:*:*:*:*:*", "matchCriteriaId": "54E1A1BF-CA09-49DF-BA2E-00E32E6C9ADD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.45:*:*:*:*:*:*:*", "matchCriteriaId": "8F99739A-BA90-4FB9-8D35-5DD9086F5B8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.46:*:*:*:*:*:*:*", "matchCriteriaId": "EF500BFC-8593-42D4-A997-F386C657DEB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.47:*:*:*:*:*:*:*", "matchCriteriaId": "AAFD8807-9446-415B-AB32-4F4F9B7B3271", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.48:*:*:*:*:*:*:*", "matchCriteriaId": "A20009D8-AE7F-4C0E-9D4D-0C8327AD87E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:0.99.49:*:*:*:*:*:*:*", "matchCriteriaId": "EF7C1ED1-C424-481F-A7F0-9334D7DFB7ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0B92C38-5AF2-449F-BC68-076F77C077D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A648ADE1-42F3-4871-97BC-3184F2D168C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "7B2695CE-028C-490C-953A-E319D7FA9F83", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC65782E-ECCA-43FA-844D-B8FC9A87BAB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3C862A1E-B1B7-4A82-96A3-72CFEE5E5618", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "190A13C9-1C1A-4074-A1C4-501BC9C8A1B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "BC56ADDF-1448-4AD7-B2B7-BDCB50061F88", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "ED7062D1-2DF3-4045-A3EB-7E2E15CD7962", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "BE57FA26-7CE8-4DF4-9AAD-5C96185B80AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "AD81119E-EA94-4ADF-BF6A-6CDAEDE28C05", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "2B3FD7A8-AFAD-4955-A1D7-8E9E8958F91F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "4DB81796-9217-449B-8F3F-D6F72A24E694", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "89298218-3751-49E0-96A3-5525531C8E9F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "24BD5CCC-0EA1-4D7E-92D9-F1DFF3E16D9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "1CAABD32-CBDD-41D0-8147-E2EC15E76BD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "62C1D5C6-5F0E-4CEE-95B4-426FC4906007", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "DF386C91-9AF5-435D-B713-19D29827D128", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "D74293C5-82E9-41CF-A591-A8C86A0705D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "82970E82-587C-4AB5-892F-59D47BC4EC6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "C14B6FC3-55C6-4D77-8BC2-0E0A38EF773E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "BC597B25-3DA8-4482-A6DD-602411CAEBF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EAADB28A-0259-43D4-9111-8230DC7FBF13", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C81B436-5435-484A-81C2-EC9FAC83DC6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cherokee-project:cherokee:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "6D5B3C97-844D-4F58-87F4-11962A7228F2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en Cherokee-admin de Cherokee en versiones anteriores a la 1.2.99. Permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores en peticiones que insertan secuencias de comandos en sitios cruzados (XSS), como se ha demostrado por un campo de nombre de usuario (\"nickname\") a vserver/apply."}], "id": "CVE-2011-2191", "lastModified": "2024-11-21T01:27:47.030", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-10-07T02:51:40.893", "references": [{"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066222.html"}, {"source": "secalert@redhat.com", "url": "http://osvdb.org/72693"}, {"source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2011/Jun/0"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.cherokee-project.com/download/LATEST_is_1.2.99/cherokee-1.2.99.tar.gz"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/06/02/2"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.openwall.com/lists/oss-security/2011/06/03/6"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.openwall.com/lists/oss-security/2011/06/06/22"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/49772"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=713304"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://launchpad.net/bugs/784632"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066222.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/72693"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2011/Jun/0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.cherokee-project.com/download/LATEST_is_1.2.99/cherokee-1.2.99.tar.gz"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/06/02/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.openwall.com/lists/oss-security/2011/06/03/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.openwall.com/lists/oss-security/2011/06/06/22"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/49772"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=713304"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://launchpad.net/bugs/784632"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}